introduction to network security security
play

Introduction to Network Security Security Chapter 7 Transport - PDF document

Feb 14, 2023 •298 likes •632 views

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics TCP Layer Responsible for reliable end-to-end transfer of application data.

  1. Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics • TCP Layer – Responsible for reliable end-to-end transfer of application data. transfer of application data. • TCP vulnerabilities • UDP • UDP vulnerabilities • DNS Dr. Doug Jacobson - Introduction to 2 Network Security - 2009

  2. TCP Services Multiplexing: • A process within a host using TCP service is • A process within a host using TCP service is identified with a port . A port, when concatenated with an internet address, forms a Socket , which is unique throughout the internet. Service provided by TCP is provided by means of a logical connection between a pair of sockets. Dr. Doug Jacobson - Introduction to 3 Network Security - 2009 Multiplexing service Application Application Application Application 1 2 3 N Source Source Source Source Port 1 Port 2 Port 3 Port N Other TCP Layer Transport Protocols Protocol type = 17 (TCP) IP Layer Dr. Doug Jacobson - Introduction to 4 Figure 7.1 TCP Multiplexing Network Security - 2009

  3. TCP port numbers 5 RJE 68 Bootstrap Protocol Client 7 echo 69 Trivial FTP 9 Discard 75 any private dialout service 11 Active Users 77 any Private RJE service 13 daytime 79 FINGER 15 Who is up 101 NIC host name server 17 Quote of the day 17 Quote of the day 102 102 ISO-TSAP ISO-TSAP 19 Character Generator 103 X.400 20 FTP (default data) 104 X.400-SND 21 FTP (control) 105 CSnet Name server 23 TELNET 109 Post Office Protocol Ver 2 25 SMTP 113 Authentication Service 37 Time 115 Simple FTP 42 Host name service 119 NNTP 53 Domain name server 123 NTP 67 BOOTP 161 SNMP agent 162 SNMP management station Dr. Doug Jacobson - Introduction to 5 Network Security - 2009 TCP Connection Management Consists of three services: • Connection Establishment: Allow two TCP users to setup a logical connection between their respective sockets. A connection may be setup if: • No connection between the two sockets currently exists. From a given socket, it is possible to simultaneously maintain more than one connection, but only one connection to any specific remote socket at a time is permitted. – Internal TCP resources are sufficient. – Both users have agreed to the connection. Dr. Doug Jacobson - Introduction to 6 Network Security - 2009

  4. TCP Connection Management • Connection Maintenance service provides for the exchange of data between the two sockets and supports the data transport (described in the next slide). (described in the next slide). • Connection Termination may be either abrupt or graceful. With abrupt termination, data in transit may be lost. A graceful termination prevents either side from shutting down until all data have been received. Dr. Doug Jacobson - Introduction to 7 Network Security - 2009 TCP Data Transport • Full Duplex: Both users may transmit at once. • Timely: The user may request timely delivery of data by associating a timeout with data submitted for transmission. If TCP detects a timeout the connection is abruptly terminated. TCP detects a timeout the connection is abruptly terminated. • Ordered: TCP is stream oriented. TCP guaranteed that the stream of data presented by one user to TCP will be delivered in the same order to the destination user. • Labeled: TCP establishes a connection only if the security designation provided by both users match. • Flow Control: Used to prevent internal TCP congestion • Error Control: TCP uses a simple checksum. Dr. Doug Jacobson - Introduction to 8 Network Security - 2009

  5. TCP • Stream Orientation - When two application processes transfer large volumes of data, we can think of the as a stream of bits divided into 8-bit bytes The stream service on the destination passes the same sequence of octets to the receiver that the the same sequence of octets to the receiver that the sender passed to the source machine. Data are not treated as packets but as a stream of data that is passed to the transport entity. The transport entity will divide the data into packets for transmission to the destination. The destination transport entity will pass the data to the user as a stream. Dr. Doug Jacobson - Introduction to 9 Network Security - 2009 TCP Stream Dr. Doug Jacobson - Introduction to 10 Network Security - 2009

  6. TCP Special Capabilities TCP supports two special capabilities associated with the transfer of data • Data Stream Push: Used to force the delivery of all data waiting to be sent. data waiting to be sent. • Urgent Data Signaling: Provides a means of informing the destination TCP user that urgent data is in the incoming data stream. Dr. Doug Jacobson - Introduction to 11 Network Security - 2009 TCP Error Reporting • TCP will report service failure stemming from catastrophic conditions Dr. Doug Jacobson - Introduction to 12 Network Security - 2009

  7. TCP Services • Unspecified Passive open • Fully Specified Passive Open • Active Open • Active Open with data • Send • Deliver • Allocate • Close • Abort • Terminate • Error Dr. Doug Jacobson - Introduction to 13 Network Security - 2009 TCP Protocol Connection Establishment: • TCP uses a three handshake for • TCP uses a three handshake for connection establishment. We will see TCP defines only one packet format that contains flags to indicate what type of packet it is. The connection packets have the SYN flag set. Dr. Doug Jacobson - Introduction to 14 Network Security - 2009

  8. TCP 3-way Handshake Client Server SYN - ISN = 3000 SYN+ACK - ISN = 4000, ACK = 3001 SYN+ACK ISN = 4000, ACK = 3001 ACK - SSN = 3001, ACK = 4001 Figure 7.3 TCP Connection Establishment Dr. Doug Jacobson - Introduction to 15 Network Security - 2009 TCP Protocol Data Transfer: • Sequence numbers are used for data • Sequence numbers are used for data transfer. The sequence numbers represent the number of bytes not the number of packets. Flow control is handled by using a credit allocation scheme as describe earlier. Dr. Doug Jacobson - Introduction to 16 Network Security - 2009

  9. TCP Data Transfer Dr. Doug Jacobson - Introduction to 17 Network Security - 2009 TCP Connection Termination Connection Termination: • The connection is terminated by sending a packet with the FIN flag set. sending a packet with the FIN flag set. This packet contains the number of the last packet sent. Dr. Doug Jacobson - Introduction to 18 Network Security - 2009

  10. TCP Connection termination Server Client FIN - SN = A , ACK = B FIN+ACK - SN = B, ACK = A+1 ACK - SN = A, ACK = B+1 Figure 7.5 TCP Graceful Termination Dr. Doug Jacobson - Introduction to 19 Network Security - 2009 TCP Header Format Source Port Destination Port Sequence Number Acknowledgement Number Hdr-Len Reserved Flags Window Size Checksum Urgent Pointer Options Flags URG ACK PSH RST SYN FIN Flag Function URG Packet contains urgent data ACK Acknowledgment number is valid PSH Data should be pushed to the application RST Reset Packet SYN Synchronize packet FIN Finish packet Figure 7.6 TCP Header Format Dr. Doug Jacobson - Introduction to 20 Network Security - 2009

  11. Header Based • There have been several attacks using invalid flag combinations. • Most have been fixed, however this is now used to help determine the type of now used to help determine the type of operating system – Probing attacks • Invalid header responses • Initial values – sequence numbers – Window size Dr. Doug Jacobson - Introduction to 21 Network Security - 2009 Protocol Based • Syn flood • Reset Packets • Session Hijacking • Session Hijacking Dr. Doug Jacobson - Introduction to 22 Network Security - 2009

  12. SYN Flood Attacker A1 Attacker A2 Attacker A3 Attacker A3 Victim Attacker A4 Internet Attacker A5 Valid User Dr. Doug Jacobson - Introduction to 23 Network Security - 2009 SYN Flood Dr. Doug Jacobson - Introduction to 24 Network Security - 2009

  13. Reset Shutdown Dr. Doug Jacobson - Introduction to 25 Network Security - 2009 Session Hijacking Victim Attacker Server Router Internet Network where the attacker can see the traffic between the Victim and the Server Dr. Doug Jacobson - Introduction to 26 Network Security - 2009

  14. Session Hijacking Victim Server Attacker SYN SYN + ACK ACK DATA RST DATA DATA DATA + ACK DATA + ACK DATA + ACK Dr. Doug Jacobson - Introduction to 27 Network Security - 2009 Passive Network Filter User Filter Server Router Internet Network where the filter can see the traffic between the user and the server Dr. Doug Jacobson - Introduction to 28 Network Security - 2009

  15. Passive Network Filter Dr. Doug Jacobson - Introduction to 29 Network Security - 2009 Mitigation • Encryption can fix Session hijacking • Reset is harder • Syn flood is hard • Syn flood is hard Dr. Doug Jacobson - Introduction to 30 Network Security - 2009

  16. Authentication Based • No authentication in TCP • Ports might be considered an authentication of the application Dr. Doug Jacobson - Introduction to 31 Network Security - 2009 Traffic Based • Flooding (using all of the TCP resources) • QOS • Sniffing Dr. Doug Jacobson - Introduction to 32 Network Security - 2009

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

966 views • 40 slides
Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics WWW HTTP: Hyper Text Transfer Protocol HTTP Security HTML Protocol HTML Security

1.09k views • 74 slides
INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

374 views • 13 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

932 views • 55 slides
Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

1.12k views • 92 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

1.01k views • 80 slides
Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Key terms Protocol

464 views • 19 slides
Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar

Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar

Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar DDoS Attacks A persistent threat on the global Internet Working from home new online tools for collaboration New tools new attack

405 views • 9 slides
DDoS flooding attack detection throug h a step-by-step investigation

DDoS flooding attack detection throug h a step-by-step investigation

DDoS flooding attack detection throug h a step-by-step investigation

209 views • 17 slides
Proposals to fix the edge Ca thenetwork Compute Storage Why How How connect to nearest edge

Proposals to fix the edge Ca thenetwork Compute Storage Why How How connect to nearest edge

More Security Start oith Denial of Service CDN Last class Authentication vs Authorization SYN flood why does it work How fixed DDos was it What Proposals to fix the edge Ca thenetwork Compute Storage Why How How connect to nearest edge

58 views • 4 slides
Addressing Shortcomings of Existing DDoS Protection Software Using Software-Defined Networking

Addressing Shortcomings of Existing DDoS Protection Software Using Software-Defined Networking

Addressing Shortcomings of Existing DDoS Protection Software Using Software-Defined Networking SSP 2018, Hildesheim Lukas Ifflnder , Stefan Geissler, Jrgen Walter, Lukas Beierlieb, Samuel Kounev 08.11.2018

677 views • 46 slides
Towards a Vecsigrafo Portable Semantics in Knowledge-based Text Analytics Ronald Denaux &

Towards a Vecsigrafo Portable Semantics in Knowledge-based Text Analytics Ronald Denaux &

Towards a Vecsigrafo Portable Semantics in Knowledge-based Text Analytics Ronald Denaux & Jos Manuel Gmez Prez HSSUES Oct. 21st, 2017 The Cognitive Chasm How can humans and AI interact with and understand each other? Is this

471 views • 17 slides
Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Cryptography Markus Kuhn Computer Laboratory, University of Cambridge

Cryptography Markus Kuhn Computer Laboratory, University of Cambridge https://www.cl.cam.ac.uk/teaching/1819/Crypto/ These notes are merely provided as an aid for following the lectures. They are no substitute for attending the course. Lent

1.26k views • 108 slides
Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography

Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography

Related textbooks Main reference: Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography Chapman & Hall/CRC, 2nd ed., 2014 Further reading: Markus Kuhn Christof Paar, Jan Pelzl: Understanding

794 views • 27 slides
Worldwide distribution of experimental physics data using Oracle Streams Eva Dafonte Prez

Worldwide distribution of experimental physics data using Oracle Streams Eva Dafonte Prez

Worldwide distribution of experimental physics data using Oracle Streams Eva Dafonte Prez Database Administrator @CERN CERN IT Department CH-1211 Genve 23 Switzerland www.cern.ch/i t Outline CERN and LHC Overview Oracle Streams

583 views • 45 slides

More recommend